Lucene search
K

22 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in curl

This flaw allows a malicious HTTP server to set “super cookies” using curl, which are then transmitted back to multiple origins beyond what is allowed or possible. This enables a site to set cookies that are then sent to different and unrelated sites and domains. The attack exploits a flaw in...

6.5CVSS6.6AI score0.01685EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : curl-7.61.1-33.el8_9.5 (AXSA:2024-7656:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7656:02 advisory. curl: information disclosure by exploiting a mixed case flaw CVE-2023-46218 curl: more POST-after-PUT confusion CVE-2023-28322 curl: cookie injectio...

6.5CVSS7.2AI score0.06208EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 9 : curl-7.76.1-26.el9_3.3 (AXSA:2024-7591:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7591:01 advisory. curl: information disclosure by exploiting a mixed case flaw CVE-2023-46218 Tenable has extracted the preceding description block directly from the...

6.5CVSS7.2AI score0.01685EPSS
Exploits1References2
Amazon
Amazon
added 2024/05/03 12:0 a.m.3 views

Medium: curl

Issue Overview: This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this b...

6.5CVSS6.6AI score0.01685EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2024/04/02 4:2 p.m.4 views

curl: information disclosure by exploiting a mixed case flaw

A flaw was found in curl that verifies a given cookie domain against the Public Suffix List. This issue could allow a malicious HTTP server to set "super cookies" in curl that are passed back to more origins than what is otherwise allowed or possible...

6.5CVSS6.7AI score0.01685EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2024/03/18 4:37 p.m.4 views

curl: information disclosure by exploiting a mixed case flaw

A flaw was found in curl that verifies a given cookie domain against the Public Suffix List. This issue could allow a malicious HTTP server to set "super cookies" in curl that are passed back to more origins than what is otherwise allowed or possible...

6.5CVSS6.7AI score0.01685EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2024/03/18 4:22 p.m.4 views

curl: information disclosure by exploiting a mixed case flaw

A flaw was found in curl that verifies a given cookie domain against the Public Suffix List. This issue could allow a malicious HTTP server to set "super cookies" in curl that are passed back to more origins than what is otherwise allowed or possible...

6.5CVSS6.7AI score0.01685EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2024/03/05 6:16 p.m.2 views

curl: information disclosure by exploiting a mixed case flaw

A flaw was found in curl that verifies a given cookie domain against the Public Suffix List. This issue could allow a malicious HTTP server to set "super cookies" in curl that are passed back to more origins than what is otherwise allowed or possible...

6.5CVSS6.7AI score0.01685EPSS
Exploits1References5
AlmaLinux
AlmaLinux
added 2024/03/05 12:0 a.m.46 views

Moderate: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: information disclosure by exploiting a mixed case flaw CVE-2023-46218 For more details about the security issues,...

6.5CVSS6.8AI score0.01685EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2024/01/30 1:25 p.m.5 views

curl: information disclosure by exploiting a mixed case flaw

A flaw was found in curl that verifies a given cookie domain against the Public Suffix List. This issue could allow a malicious HTTP server to set "super cookies" in curl that are passed back to more origins than what is otherwise allowed or possible...

6.5CVSS6.7AI score0.01685EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2024/01/25 11:15 a.m.47 views

Moderate: Red Hat Security Advisory: curl security update

An update for curl is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

6.5CVSS6.6AI score0.01685EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2024/01/25 9:1 a.m.4 views

curl: information disclosure by exploiting a mixed case flaw

A flaw was found in curl that verifies a given cookie domain against the Public Suffix List. This issue could allow a malicious HTTP server to set "super cookies" in curl that are passed back to more origins than what is otherwise allowed or possible...

6.5CVSS6.7AI score0.01685EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2024/01/25 8:12 a.m.6 views

curl: information disclosure by exploiting a mixed case flaw

A flaw was found in curl that verifies a given cookie domain against the Public Suffix List. This issue could allow a malicious HTTP server to set "super cookies" in curl that are passed back to more origins than what is otherwise allowed or possible...

6.5CVSS6.7AI score0.01685EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2024/01/25 12:0 a.m.40 views

RHEL 9 : curl (RHSA-2024:0434)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0434 advisory. The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, a...

6.5CVSS6.5AI score0.01685EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2024/01/09 12:0 a.m.58 views

Curl 7.46.0 <= 8.4.0 Information Disclosure (CVE-2023-46218)

The version of Curl installed on the remote host is between 7.46.0 and 8.4.0. It is, therefore, affected by an information disclosure vulnerability. A mixed case flaw in Curl's function that verifies a given cookie domain against the Public Suffix List PSL allows a malicious HTTP server to set...

6.5CVSS6.4AI score0.01685EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/12/07 2:5 a.m.3 views

SUSE CVE-2023-46218

This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a...

4.2CVSS6.8AI score0.01685EPSS
Exploits1References41
ATTACKERKB
ATTACKERKB
added 2023/12/07 1:15 a.m.5 views

CVE-2023-46218

This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a...

6.5CVSS5.7AI score0.01685EPSS
Exploits1References8Affected Software1
OSV
OSV
added 2023/12/07 1:15 a.m.2 views

ALPINE-CVE-2023-46218

This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a...

6.5CVSS6.7AI score0.01685EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/12/07 1:10 a.m.5 views

CVE-2023-46218

This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a...

6.7AI score0.01685EPSS
Exploits1References7
curl security advisories
curl security advisories
added 2023/12/06 8:0 a.m.7 views

cookie mixed case PSL bypass

This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a...

6.5CVSS6.5AI score0.01685EPSS
Exploits1References1Affected Software2
Rows per page
Query Builder